The risk to the financial sector is extremely high, and due to the high value of financial data, cybercriminals are increasingly targeting customer banking credentials when carrying out attacks. Below, we speak to Robert O'Connor, Chief Information Security Officer (CISO) for Neocova Corporation, about the cybersecurity challenges within financial institutions and best practices to safeguard financial data and prevent attacks.
Synopsys, Inc. released the report, DevSecOps Practices and Open Source Management in 2020, exploring the strategies that organizations around the world are using to address open source vulnerability management as well as the growing problem of outdated or abandoned open source components in commercial code.
The National Security Agency (NSA) released a Cybersecurity Advisory on Russian state-sponsored actors exploiting CVE-2020-4006, a command-injection vulnerability in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. The actors were found exploiting this vulnerability to access protected data on affected systems and abuse federated authentication.
When we hear the term “critical infrastructure,” we want to believe that the assets – whether they are physical or digital – are extremely secure. Our minds conjure images of the vaults of Fort Knox, which are protected from every angle. However, critical infrastructure of the digital variety is not necessarily any more secure than any other digital asset. It all comes down to how meticulous the organization is in looking for and quickly closing vulnerabilities and security gaps that expose an attack surface for a bad actor to exploit.
With more Americans expected to do their holiday shopping online during the COVID-19 pandemic, US agencies and cybersecurity leaders are urging all consumers to be on alert for holiday shopping scams and cyber threats, which historically spike during the holiday season. Here, we talk to Michael Rezek, Vice President of Business Development and Cybersecurity Strategy at Accedian, about the technologies retailers need to adopt to ensure a smooth holiday shopping season, how to see the warning signs for bad actors, how to proactively manage them and what to do to prevent them in the first place.
The University of Texas at San Antonio (UTSA) launched the Cybersecurity Manufacturing Innovation Institute (CyManII), a $111 million public-private partnership. Led by UTSA, the university will enter into a five-year cooperative agreement with the U.S. Department of Energy (DOE) to lead a consortium of 59 proposed member institutions in introducing a cybersecure energy-ROI that drives American manufacturers and supply chains to further adopt secure, energy-efficient approaches, ultimately securing and sustaining the nation's leadership in global manufacturing competitiveness.
Before the pandemic, buy online, pickup in store (BOPIS) became hugely popular to consumers who didn’t want to have to wait for items to be delivered, pay for shipping or for those that wanted to avoid shopping in store altogether. However, as retailers adopted BOPIS, its rise flipped a switch and increased opportunities for fraudsters, enabling them to use stolen credit card information to make purchases online and then simply arrive at the store to pick up the item. So what can retailers do to ensure their customers are staying safe? Here are a few things to consider:
Organizations mostly monitor what they already know about, leaving unknown assets unprotected and open to attackers
December 4, 2020
CyCognito announced new research in partnership with Enterprise Strategy Group (ESG) that revealed most security professionals recognize that attack surface protection is important, but their operational practices and tools used aren’t up to the challenge.
A new partnership aims to help healthcare IT vendors and services firms improve their overall risk and security profile and provide greater transparency to thousands of healthcare providers. As part of the partnership, KLAS, which has conducted deep research and analysis on more than 900 healthcare IT products and services, will introduce a new Cybersecurity Readiness Assessment.
One lesson that is underscored by the disruption of COVID and the resulting transformation of business operations is the importance of IT modernization. Here, we know that business leaders understand its significance, but we also see evidence that failing to embed security into the strategies and plans for IT modernization may be a difference-maker.
RSS
